79d334c8d76c55a3cd9ccc5341e8cd82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79d334c8d76c55a3cd9ccc5341e8cd82
Size

219KB
MD5

79d334c8d76c55a3cd9ccc5341e8cd82
SHA1

87b72b2451e57368dc1472898e4b9de351160f55
SHA256

1fdb084707f7c35f0e04525b2decfa9519560b3cce58dff495bc6b7b53218ff3
SHA512

a3dc8f67f68905b6f2d70183843d98514e3bc0d8e1ea2a44560f711bfc7dbdaa2e7e7aac48bba6491bbedcb182dc5c65c18e1fe52788c5cc0ad0a9759a79f828
SSDEEP

6144:TwgZgkr8qmsis25TZv1iTtIndTaVrwTxHWx0:EgZgO8qms45TwPOHWx0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79d334c8d76c55a3cd9ccc5341e8cd82

Files

79d334c8d76c55a3cd9ccc5341e8cd82
.exe windows:4 windows x86 arch:x86

35bd2449995b13b395a7d14ebd2adb4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
PeekMessageA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetProcAddress

advapi32

RegQueryValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex

Sections

.text
Size: 20KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE